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DETAILED ACTION 

This action is in response to the Applicant's Remarks and Amendments 
filed May 2, 2006. 

Claims 1 and 13 have been amended. 
Claims 18-24 are cancelled. 
Claims 1-17 are herein considered. 



Response to Amendment 

The Applicant's amendments to the drawings have overcome the 
Examiner's previous objections and are accepted. 

The Applicant's amendments to the specification to add in missing serial 
numbers have overcome the previous objections and are accepted. 

The Examiner withdraws her objections to claim 4 in light of the 
Applicant's comments and specification. 

The Applicant's addition of the term "legal" to claim 1 is not accepted by 
the Examiner as it introduces new matter not previously claimed or supported by 
the specification. The Examiner draws the Applicant's attention to 35 
U.S.C. 132(a) which states that no amendment shall introduce new matter into 
the disclosure of the invention. Applicant is required to cancel the new matter in 
the reply to this Office Action. 
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Response to Arguments 

Applicant's arguments filed May 2, 2006 have been fully considered but 
they are not persuasive. 

As per Applicants first argument concerning Brands' alleged failure to 
disclose a contract or the concept of "legal ownership", the Examiner refers back 
to the abovementioned rejections concerning the addition of new matter. 

As per Applicant's next set of arguments concerning Brands' alleged 
failure to teach an "only instance of a private key", the Examiner respectfully 
disagrees. The Examiner would like to point back to page 6 of the Applicant's 
remarks wherein he notes that both Brands and the Applicant store their private 
key securely so that it may not be leaked, and may remain 'secret'. In 
accordance with both the Applicant's invention as well as Brands' it is imperative 
that the secret key remain secret, and it is for this reason that the key is stored 
within a secure hardware token. Nowhere in Brands is it suggested that the key 
would be stored anywhere else, rather throughout the prior art, it is made clear 
that the key is to be kept within the secure token and nowhere else. The 
Examiner has taken this to suggest that the instance of the private key located 
within the secure hardware token is the only existing instance of the key in order 
to be sure that the key is kept secure and out of the hands of any other 
individual. 

As per Applicant's next set of arguments concerning Brands' alleged 
failure to teach the step of "a digital certificate for the subscriber", the Examiner 
respectfully disagrees and draws the Applicant's attention to column 17 line 66 
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thru column 18 line 6. Within this cited portion, Brands discloses the creation 
and sending of the digital certificate and digital signature from the user's device 
(UC) to the RC. It is clear from the cited section above that Brands does in fact 
disclose the creation and use of a user's digital certificate. 

Therefore, based on the above arguments, the Examiner maintains the 
rejections as set forth in the previous office action and amended below in 
response to Applicant's amendments. 



Claim Rejections - 35 USC §112 

The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

Claims 1-17 are rejected under 35 U.S.C. 112, second paragraph, as 

being indefinite for failing to particularly point out and distinctly claim the subject 

matter which applicant regards as the invention. The use of the phrase "legal 

ownership" within independent claim 1 is vague and indefinite, failing to find 

support in the specification. The Examiner is unable to comprehend exactly what 

a contract establishing "legal ownership" would entail, if a true "legal authority" 

exists and what that would be, and the difference between simple "ownership" 

and "legal ownership". 
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Claim Rejections - 35 USC § 102 

The text of those sections of Title 35, U.S. Code not included in this action 
can be found in a prior Office action. 

Claims 1-17 are rejected under 35 U.S.C. 102(b) as being anticipated 
by United States Patent No. 5,668,878 to Stefanus Alfonsus Brands. 

Regarding claim 1, Brands teaches a method for facilitating secure 
hardware token issuance and use, said method comprising the steps of storing 
an only instance of a private ("secret") key within the hardware token ("tamper 
resistant computing device"), the hardware token being adapted to prevent the 
private key from being exported from the hardware token (col. 5 lines 13-16), 
binding the private key to a subscriber with a digital certificate for the subscriber 
(col. 8 lines 56-64; col. 10 lines 6-17), creating a contract establishing legal 
ownership over the physical manifestation of the private key as contained within 
the hardware token, and the subscriber using the private key to create a digital 
signature (col. 4 lines 23-47; col. 10 lines 19-49). 

Regarding claim 2, Brands teaches wherein the hardware token is issued 
by a trusted entity (col. 11 line 65 thru col. 12 line 17; col.15 lines 26-31; col. 16 
lines 4-14). 

Regarding claim 3, Brands teaches wherein the contract specifies that the 
physical manifestation of the private key is owned by the trusted entity (col. 16 
lines 4-36). 
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Regarding claim 4, Brands teaches wherein the trusted entity is an 
issuing participant (col.1 1 line 65 thru col. 12 line 17; col. 15 lines 26-31; col. 16 
lines 4-14). 

Regarding claim 5, Brands teaches wherein the contract specifies that the 
physical manifestation of the private key is owned by a root entity (col. 7 lines 55- 
67 col.8 lines 13-14,29-38). 

Regarding claim 6, Brands teaches wherein the contract specifies that the 
physical manifestation of the private key is owned by the subscriber (col. 7 lines 
55-67 col.8 lines 13-14, 29-38). 

Regarding claim 7, Brands teaches wherein the hardware token is a 
smartcard (col.8 lines 25-27). 

Regarding claim 8, Brands teaches wherein the hardware token is a 
PCMCIA device (col.8 lines 25-27). 

Regarding claim 9, Brands teaches wherein the private key is an identity 
private key (col.1 1 lines 1-6). 

Regarding claim 10, Brands teaches wherein the hardware token 
comprises means for monotonically counting each time the private key is used to 
create a digital signature (col. 10 lines 1-5). 

Regarding claim 11, Brands teaches wherein the hardware token 
comprises means for permanently storing a PIN/passphrase (col. 7 lines 55-67). 

Regarding claim 12, Brands teaches wherein the subscriber must enter 
the PIN/passphrase before a digital signature is generated (col. 13 lines 45-67). 
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Regarding claim 13, Brands teaches wherein the subscriber must enter 
the PIN/passphrase each time a digital signature is generated (col. 12 line 59 thru 
col.13 line 14). 

Regarding claim 14, Brands teaches wherein the digital signature 
comprises security data (col. 9 lines 16-24). 

Regarding claim 15, Brands teaches wherein the security data is signed 
to create a security-data cryptogram (col. 10 line 31 thru col.1 1 line 6). 

Regarding claim 16, Brands teaches wherein the security-data 
cryptogram is generated using an algorithm different than the one used to create 
the digital signature (col. 10 line 31 thru col.1 1 line 6). 

Regarding claim 17, Brands teaches wherein the security data comprises 
data that is the subject of the digital signature (col. 9 lines 16-24; col. 9 lines 33- 
36). 

Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection 
presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. 
See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as 
set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire 
THREE MONTHS from the mailing date of this action. In the event a first reply is 
filed within TWO MONTHS of the mailing date of this final action and the advisory 
action is not mailed until after the end of the THREE-MONTH shortened statutory 
period, then the shortened statutory period will expire on the date the advisory 
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action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be 
calculated from the mailing date of the advisory action. In no event, however, will 
the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to Tamara Teslovich whose telephone number 
is (571) 272-4241. The examiner can normally be reached on Mon-Fri 8-4:30. 

If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Emmanuel Moise can be reached on (571) 272-3865. 
The fax phone number for the organization where this application or proceeding 
is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from 
the Patent Application Information Retrieval (PAIR) system. Status information 
for published applications may be obtained from either Private PAIR or Public 
PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see http://pair- 
direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll- 
free). If you would like assistance from a USPTO Customer Service 
Representative or access to the automated information system, call 800-786- 
\A OR CANADA) or 571-272-1000. 
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